The Online Software Inspector & the Personal Software Inspector both report my computer's installed version of the Java Runtime Environment software (JRE) as fully patched and current. The installed version of the Java JRE is 6.0.200.2. However, Firefox (Web Browser) version 3.6.8 reports that the current version of the Java JRE is insecure and that it should be updated. It presents an "Update" button.

This has been reported as insecure by Firefox for one month, yet Secunia still displays it as the current patched version of the JRE. This is the first discrepancy I've noted with the OSI/PSI and Firefox. Which is the correct analysis, the Secunia OSI/PSI or Firefox?

Particularly, at the very bottom of the Oracle release notes:
"Java SE 6 Update 21 does not contain any additional fixes for security vulnerabilities to its previous release, Java SE 6 Update 20. Users who have Java SE 6 Update 20 have the latest security fixes and do not need to upgrade to this release to be current on security fixes."

Particularly, at the very bottom of the Oracle release notes:
"Java SE 6 Update 21 does not contain any additional fixes for security vulnerabilities to its previous release, Java SE 6 Update 20. Users who have Java SE 6 Update 20 have the latest security fixes and do not need to upgrade to this release to be current on security fixes."

hope this helps.

Thank you, Emil. My suspicions are supported by your response. It is as I suspected, a maintenance release. Sometimes, the download Website for the Java JRE is lax on explanations for what is new with updates. I generally use the 64-bit version of the JRE with IE 8.0-64, but this Firefox recommended update showed using the 32-bit version of Firefox. I have not yet installed the Firefox 64-bit beta version.

If it is any consolation , I had exactly the same situation running Java U20 when Firefox 3.6.8 plug-in updates "suddenly" (as it were) requested U21 for Java several days ago , despite U21 being out very much longer .

As expected , the Java website offered me U21 and I took the opportunity to load it , simply to stop the Ff plug-in warning .

If you want full clarification you would need to ask Mozilla as to why the sudden "unnecessary" update warning .